- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
How to extract a public certificate and private key from .pfx for use in GMS/Analyzer 7.2 and later
03/26/2020 
1,121 People found this article helpful
48,318 Views
Description
How to import the custom certificate to GMS/Analyzer 7.2
Resolution
1. Prepare your certificate issued by CA in .pfx format (eg. certificate.pfx) and the password key
2. Install OpenSSL on your system - for the installation file refer to the following url: https://www.openssl.org/source/
3. Take the .pfx file (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed.
Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key.
4. Run the following command to export the certificate: openssl pkcs12 -in certname.pfx -nokeys -out cert.pem output = cert.pem
5. Run the following command to export the private key: openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes output = key.pem
6. Run the following command if you wish to remove the passphrase from the private key: openssl rsa -in key.pem -out server.key
7. Login to the appliance (system) interface of the GMS/Analyzer and under System/Deployment/Settings/SSL Access configuration select Custom button.
8. Under Certificate file browse for the cert.pem file created in the step 4.
9. Under Certificate Key file browse for the key.pem file created in the step 5.
10. Provide the certificate password in the Certificate password field.
11. Click on update button. GMS will reboot and your new custom certificate will be installed.
Related Articles
- Can we make changes to a firewall config acquired on NSM directly through the firewall?
- Perform Restart of firewall from NSM.
- Requirement is to push cfs settings from one firewall to a group of Firewalls in NSM.
YES
NO